HTTP: Microsoft Edge CVE-2018-8278 Spoofing Vulnerability

This signature detects attempts to exploit a spoofing vulnerability that exists in Microsoft Edge, which could enable an attacker to spoof trusted Internet content. Users can believe they are accessing trusted Internet content when in reality, they are accessing malicious Internet content; for example, a malicious Web site.

Extended Description

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge.

References

CVE: CVE-2018-8278

Short Name
HTTP:STC:IE:CVE-2018-8278
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-8278 Edge Microsoft Spoofing Vulnerability
Release Date
07/10/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
False Positive
Unknown
CVSS Score

5.8

Found a potential security threat?